CVE-2022-20871 Cisco Secure Web Appliance Privilege Escalation Vulnerability

🗓️ 15 Nov 2024 15:27:14Reported by ciscoType

Cisco Secure Web Appliance Privilege Escalation CVE-2022-2087

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability in the web interface for managing the Cisco AsyncOS operating system for Cisco Secure Web Appliances allows a attacker to elevate their privileges to the root level.	22 Aug 202200:00	–	bdu_fstec
Circl	CVE-2022-20871	19 Aug 202212:00	–	circl
Cisco	Cisco Secure Web Appliance Privilege Escalation Vulnerability	17 Aug 202216:00	–	cisco
Tenable Nessus	Cisco Secure Web Appliance < 14.5.0-537 Privilege Escalation (cisco-sa-wsa-prv-esc-8PdRU8t8)	19 Aug 202200:00	–	nessus
CNNVD	Cisco AsyncOS 操作系统命令注入漏洞	17 Aug 202200:00	–	cnnvd
CVE	CVE-2022-20871	15 Nov 202415:27	–	cve
EUVD	EUVD-2022-26121	3 Oct 202520:07	–	euvd
NCSC	Vulnerability fixed in Cisco Secure Web Appliance	18 Aug 202200:00	–	ncsc
NVD	CVE-2022-20871	15 Nov 202416:15	–	nvd
OSV	CVE-2022-20871	15 Nov 202416:15	–	osv

[
  {
    "vendor": "Cisco",
    "product": "Cisco Secure Web Appliance",
    "versions": [
      {
        "version": "12.5.3-002",
        "status": "affected"
      },
      {
        "version": "14.1.0-032",
        "status": "affected"
      },
      {
        "version": "14.1.0-047",
        "status": "affected"
      },
      {
        "version": "14.1.0-041",
        "status": "affected"
      },
      {
        "version": "14.0.2-012",
        "status": "affected"
      },
      {
        "version": "12.5.1-011",
        "status": "affected"
      },
      {
        "version": "12.5.2-007",
        "status": "affected"
      },
      {
        "version": "12.5.2-011",
        "status": "affected"
      },
      {
        "version": "14.5.0-498",
        "status": "affected"
      },
      {
        "version": "12.5.4-005",
        "status": "affected"
      },
      {
        "version": "12.5.4-011",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-prv-esc-8PdRU8t8
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-SEjz69dv
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-thinrcpt-xss-gSj4CecU

15 Nov 2024 15:27Current

CVSS 3.16.3

EPSS0.00204